Information Security Compliance Analyst

ActiveSoft

πŸ“Remote - United States

Job highlights

Summary

Join our team as an Information Security Compliance Analyst! This 12+ month contract position offers a hybrid work model (one day a week onsite in Bethesda, MD, the rest remote). You will leverage your expertise in federal information security compliance to evaluate system security postures, provide risk-based recommendations, and support ATOs. The ideal candidate possesses extensive experience consulting for the US Federal government and a strong understanding of NIST, CNSS, and FISMA standards and guidance. Experience with A&A, OT, POA&M, and NIST 800-82 Rev 3 is crucial. This role requires demonstrated experience working with stakeholders to ensure compliance with federal and industry standards.

Requirements

  • Possess a minimum of 3 years of experience consulting to the US Federal government, evaluating the security posture of information systems in accordance with federal information security requirements and industry-leading guidance, and providing risk-based observations and recommendations for information systems security, controls, and operation in connection with conducting A&As for ATOs
  • Demonstrate comprehension and application of standards and guidance per the National Institute of Strategy and Intelligence (NIST), the Committee on National Security Systems (CNSS), and the Federal Information Security Modernization Act (FISMA) following Federal Information System Controls Audit Manual (FISCAM) and the Government Accountability Office (GAO) Standards for Internal Control in the Federal Government ("Green Book"), NIST Special Publications (SP) 800-37 and NIST 800-82 Rev 3, and NIST Federal Information Processing Standards (FIPS) 199 and 200
  • Demonstrate experience working with information system stakeholders in aiding them to understand information security requirements related to federal and industry standards, i.e., NIST, DHS 4300A, CNSS, and design and operate information security controls
  • Have working experience with Documentation
  • Have working experience with A&A
  • Have working experience with Operational Technology/OT
  • Have working experience with POA&M
  • Have working experience with NIST 800-82 Rev 3
  • Have working experience with FISMA
  • Have Federal Government experience
  • Have working experience with ATO
  • Have working experience with AWS/Azure
